<?php
# ***** BEGIN LICENSE BLOCK *****
# This file is part of "myWiWall".
# Copyright (c) 2007-2008 CRP Henri Tudor and contributors.
# All rights reserved.
#
# "myWiWall" is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as published by
# the Free Software Foundation.
# 
# "myWiWall" is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License
# along with "myWiWall"; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
# ***** END LICENSE BLOCK *****
class AdminUsers
{
	public function index()
	{
		if (Auth::isAuth() && (Auth::isAdmin() || Auth::isGod()))
		{
			$users = UsersManagement::retrieveUsers(Auth::getCopName());
			
			if (isset($_SESSION['isError']))
			{
				$message = $_SESSION['message'];
				$isError = $_SESSION['isError'];
				
				unset($_SESSION['message']);
				unset($_SESSION['isError']);
			}
			

			$widgetManagement = true;	
			$partial = 'users';
			
			require_once (DefaultFC::getView('admin.tpl'));
		}
		else
		{
			redirect('users/index');
		}
	}
	
	public function add()
	{
		if (Auth::isAuth() && (Auth::isAdmin() || Auth::isGod()))
		{
			$userFormMode = 'add';
			$displayOldValues = false;
			$availableLanguages = Util::getAvailableLanguages();
			$availableUserTypes = Util::getAvailableUserTypes();
			
			$widgetManagement = true;	
			$partial = 'users_form';
			
			require_once (DefaultFC::getView('admin.tpl'));
		}
		else
		{
			redirect('users/index');
		}
	}
	
	public function addAction()
	{
		if (Auth::isAuth() && (Auth::isGod() || Auth::isAdmin()))
		{
			// Once more, I prefer use the old school way to retrieve variables here
			// because the values sent by the form may vary in the future.
			$username 	= $_POST['username'];
			$password 	= $_POST['password'];
			$language 	= $_POST['language'];
			$openId 	= isset($_POST['openid']) ? $_POST['openid'] : '';
			$userType	= $_POST['rights'];
			
			try
			{
				$params = array('username' 	=> $username,
								'password' 	=> $password,
								'language' 	=> $language,
								'openid'	=> $openId,
								'rights'	=> $userType,
								'copname'	=> Auth::getCopName());
				
				UsersManagement::addUser($params);
				
				$_SESSION['isError'] = false;
				$_SESSION['message'] = __("The user has been successfuly created.");
				
				DefaultFC::redirection('adminUsers/index');
				
			}
			catch (UsersManagementException $e)
			{
				$isError = true;
				$message = Util::buildAddEditUserErrorMessage($e);
				
				// Escaping to reinsert in form ...
				$username 	= htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
				$password 	= htmlspecialchars($password, ENT_QUOTES, 'UTF-8');
				$language 	= htmlspecialchars($language, ENT_QUOTES, 'UTF-8');
				$openId 	= htmlspecialchars($openId, ENT_QUOTES, 'UTF-8');
				$userType	= htmlspecialchars($userType, ENT_QUOTES, 'UTF-8');
				
				$userFormMode = 'add';
				$availableLanguages = Util::getAvailableLanguages();
				$availableUserTypes = Util::getAvailableUserTypes();
				$displayOldValues = true;
				
				$widgetManagement = true;	
				$partial = 'users_form';
				
				require_once(DefaultFC::getView('admin.tpl'));
			}
		}
	}
	
	public function edit($userId)
	{
		if (Auth::isAuth() && (Auth::isAdmin() || Auth::isGod()))
		{
			$userFormMode = 'edit';
			$displayOldValues = true;
			
			$availableLanguages = Util::getAvailableLanguages();
			$availableUserTypes = Util::getAvailableUserTypes();
			
			$user = UsersManagement::retrieveUser($userId);
			
			$userId 	= $user['id'];
			$username 	= $user['username'];
			$password 	= $user['password'];
			$language 	= $user['lang'];
			$openId 	= $user['open_id'];
			$userType	= $user['level'];
			
			$widgetManagement = true;	
			$partial = 'users_form';
			
			require_once (DefaultFC::getView('admin.tpl'));
		}
		else
		{
			redirect('users/index');	
		}
	}
	
	public function editAction($userId)
	{
	if (Auth::isAuth() && (Auth::isGod() || Auth::isAdmin()))
		{
			// Once more, I prefer use the old school way to retrieve variables here
			// because the values sent by the form may vary in the future.
			$userId 	= $_POST['userId'];
			$username 	= $_POST['username'];
			$password 	= $_POST['password'];
			$language 	= $_POST['language'];
			$openId 	= isset($_POST['openid']) ? $_POST['openid'] : '';
			$userType	= $_POST['rights'];
			
			try
			{
				$params = array('userid'	=> $userId,
								'username' 	=> $username,
								'password' 	=> $password,
								'language' 	=> $language,
								'openid'	=> $openId,
								'rights'	=> $userType,
								'copname'	=> Auth::getCopName());
				
				UsersManagement::editUser($params);
				
				$_SESSION['isError'] = false;
				$_SESSION['message'] = __("The user has been successfuly updated.");
				
				DefaultFC::redirection('adminUsers/index');
				
			}
			catch (UsersManagementException $e)
			{
				$isError = true;
				$message = Util::buildAddEditUserErrorMessage($e);
				
				// Escaping to reinsert in form ...
				$username 	= htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
				$password 	= htmlspecialchars($password, ENT_QUOTES, 'UTF-8');
				$language 	= htmlspecialchars($language, ENT_QUOTES, 'UTF-8');
				$openId 	= htmlspecialchars($openId, ENT_QUOTES, 'UTF-8');
				$userType	= htmlspecialchars($userType, ENT_QUOTES, 'UTF-8');
				
				$userFormMode = 'edit';
				$availableLanguages = Util::getAvailableLanguages();
				$availableUserTypes = Util::getAvailableUserTypes();
				$displayOldValues = true;
				
				$widgetManagement = true;	
				$partial = 'users_form';
				
				require_once(DefaultFC::getView('admin.tpl'));
			}
		}
	}
	
	public function deleteAction($userId)
	{
		if (Auth::isAuth() && (Auth::isAdmin() || Auth::isGod()))
		{
			UsersManagement::deleteUser($userId);
			
			$_SESSION['isError'] = false;
			$_SESSION['message'] = __('The user has been successfuly removed from the portal.');
			
			DefaultFC::redirection('adminUsers/index');	
		}
		else
		{
			redirect('users/index');	
		}
	}
}
?>